heplify - Not receiving RTCP

[noahrotheray]

Hi Guys,

Im having issues getting RTCP info in the packets captured by homer.

Essentially every captured call, the SIP info is perfect, and there are QoS stats for it, but in the actual PCAP & Call Flow, there's no RTCP:

Below is the heplify parameters im using: heplify -i bond0 -pr 5050-5090 -hs my.hep.server:9060 -hn SIPNT3 -d rtcp,rtp,sdp

Below is a screenie of call flow & Messages:

Checking the debug, RTCP is being seen:

2020-02-14T13:12:20+02:00 DBG [rtcp] Found '4a46be4b:7b9789e7-c9bd-1238-7b9e-0026b98bf279' in rtcpCache srcIP=1.1.1.1, srcPort=18211, dstIP=2.2.2.2., dstPort=19889, payload={"sender_information":{"ntp_timestamp_sec":3790667540,"ntp_timestamp_usec":3696296099,"rtp_timestamp":786560,"packets":4829,"octets":96580},"ssrc":1246150219,"type":202,"report_count":1,"report_blocks":[{"source_ssrc":779686571,"fraction_lost":0,"packets_lost":2,"highest_seq_no":59858,"ia_jitter":0,"lsr":4279471635,"dlsr":83887}],"report_blocks_xr":{"type":0,"id":0,"fraction_lost":0,"fraction_discard":0,"burst_density":0,"gap_density":0,"burst_duration":0,"gap_duration":0,"round_trip_delay":0,"end_system_delay":0},"sdes_ssrc":1246150219}

Im currently using Homer7 Docker (hom7-promall), with heplify v1.56 on my freeswitch boxes.

Let me know if im missing anything or if you need more information from me :)

[negbie]

Hi @Sp0rN I need a pcap to debug this.

[noahrotheray]

@negbie sure, ill send one shortly.

[negbie]

Thanks.

[noahrotheray]

@negbie Easiest way to get the PCAP to you? Dont really want it public here :)

[negbie]

Got it, thank you. Will take a look over the day.

[noahrotheray]

Appreciate it :)

[negbie]

Hi @Sp0rN I've looked into your pcap during lunch break. Only the freeswitch pcap is important since the other one has no RTCP packets. As you might know you need SDP information to correlate RTCP. I see 6 SIP messages with SDP in the pcap. Let's consider only both INVITES and corresponding 200 OK since the 183 messages have no new SDP information. For privacy I will only mention the last 2 digitest of the source IP in the SDP.

so we have following ip+rtcp or (rtp+1) port combinations: from the two INVITES: ...69:19627 ...68:25437

let's open wireshark and use the srcport filter: udp.srcport==19627 shows 21 RTCP packets. udp.srcport==25437 shows 0 RTCP packets.

from the two 200 OK: ...69:16783 ...68:32661

let's open wireshark and use the srcport filter: udp.srcport==16783 shows 0 RTCP packets. udp.srcport==32661 shows 7 RTCP packets.

So in total we have 28 RTCP packets which can be correlated and all of them are for the call-id which ends on 0026b98bf279.

Let's use heplify with the -rf flag to read in your pcap: ./heplify -rf freeswitch.pcap -pr 5000-6000

The portrange flag (-pr) is needed since your SIP traffic isn't over 5060. So I took a range which contains your SIP traffic. heplify will close itself when it will reach the end of the file.

Looking inside the homer ui I see exaclty 28 RTCP packets for the call-id which ends on 0026b98bf279. So for me everything works like it should. I hope this helps you.

[noahrotheray]

Thanks for the detailed explanation @negbie.

I tried to replicate on my end:

• Brought up a brand new hom7-prom-all instance
• read in the pcap using heplify
• Still no RTCP in the callflow/PCAP, even though it is definitely in the original pcap.

Should i post this under homer7-docker?

Im not sure what else to check.

[negbie]

@Sp0rN No the issue is fine here. Which homer-app version is displayed at the end of docker-compose up?

You read in the pcap file like this? ./heplify -rf freeswitch.pcap -pr 5000-6000

Is it possible for you to exec into the db container and look inside the RTCP table?

[noahrotheray]

@negbie docker-compose up -d doesnt display the webapp version, but im using the 7.7 branch of homer7-docker if that helps?

Yes, I used the exact command you used.

Managed to exec into the container psql container, these are the only tables im seeing in homer_data, not sure if this is correct?

[negbie]

@Sp0rN docker-compose up -d will run in daemon mode. Just use docker-compose up for testing.

[negbie]

Check the hep_proto_5_default table with the right date and time.

[negbie]

Don't forget to do a docker-compose pull before your tests.

[noahrotheray]

Thanks @negbie , performed docker pull sucessfully.

1. homer webapp version - Version: homer-app 1.1.35
2. Emailed

[negbie]

@Sp0rN rows are looking good. Please do following (ATTENTION prune commands will delete all docker containers and volumes):

• clear you browser cache
• sudo docker system prune
• sudo docker volume prune
• sudo docker-compose pull
• sudo docker-compose up
• read in the file again

If you still see no RTCP it can be a timezone, a mapping or UI issue so I would like to ask you to follow this guide from here: https://github.com/sipcapture/homer/wiki/Troubleshooting-Homer-7.7#debug-in-web-console and if it does not help you open a new issue under the homer-ui repo because heplify-server is working like it should.

[noahrotheray]

Thanks @negpie , unfortunately followed these steps, same result.

Will post new issue in homer-ui repo.

[negbie]

@Sp0rN your welcome!